Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/Q5CH56iJvg2-frvvsL2Wtsou6pk.roa
File: Q5CH56iJvg2-frvvsL2Wtsou6pk.roa (raw, json)
Hash identifier: Z4nhA3fpoVO1FUzv14izNBIO/iyoxYCaPyscVKmhhhA=
Subject key identifier: 43:90:87:E7:A8:89:BE:0D:BE:7E:BB:EF:B0:BD:96:B6:CA:2E:EA:99
Certificate issuer: /CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Certificate serial: 01850905CE2F85467AC9FA0015F81A5F6EA2
Authority key identifier: 32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/Q5CH56iJvg2-frvvsL2Wtsou6pk.roa
Signing time: Tue 13 Dec 2022 01:07:33 +0000
ROA not before: Tue 13 Dec 2022 01:07:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209235
IP address blocks: 45.141.242.0/24 maxlen: 24
45.141.255.0/24 maxlen: 24
193.38.224.0/24 maxlen: 24
2a09:c0c0::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:09:05:ce:2f:85:46:7a:c9:fa:00:15:f8:1a:5f:6e:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Validity
Not Before: Dec 13 01:07:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=439087e7a889be0dbe7ebbefb0bd96b6ca2eea99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8c:79:e9:5e:18:75:7d:cc:eb:00:d3:24:c3:
4d:6e:72:b6:90:eb:bb:19:6e:10:79:2c:a7:92:87:
4b:90:a3:e4:e4:49:9b:57:55:21:cc:ae:b7:c5:18:
50:f6:29:d3:cb:4b:ec:ba:c0:c0:b7:7f:c6:5b:69:
34:f5:38:6f:e8:3a:b9:29:e8:13:3c:9a:68:22:4d:
ab:cc:87:a2:ac:69:ca:a3:a0:4c:f5:9a:b1:88:f2:
fb:14:69:ea:63:0d:31:ab:09:e9:a1:8f:1a:41:7e:
f9:36:ef:75:56:56:b3:e6:41:de:7a:22:13:1c:2a:
67:72:a9:d2:5e:52:47:8d:1b:ff:18:f8:ee:d5:6d:
05:e8:4a:4f:84:e7:eb:51:0c:07:da:c2:e7:87:c7:
46:5a:6b:75:59:d2:83:99:22:6f:76:d5:12:f8:5f:
ac:b6:d7:97:a7:76:73:d7:9b:7a:32:d7:c4:74:15:
7b:37:bb:52:67:3e:11:f8:6a:f9:6e:b8:26:03:42:
e6:c4:05:86:e4:0b:1b:44:ee:9e:f0:ae:fa:b6:c4:
2f:50:fe:fc:aa:23:ea:7b:d0:b6:3c:15:93:6f:21:
26:e4:3c:19:8e:e8:34:8c:0e:aa:b0:21:05:2b:a3:
8a:a5:5d:8d:16:bb:12:9a:4d:3c:ef:ee:34:ec:ee:
54:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:90:87:E7:A8:89:BE:0D:BE:7E:BB:EF:B0:BD:96:B6:CA:2E:EA:99
X509v3 Authority Key Identifier:
keyid:32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/Q5CH56iJvg2-frvvsL2Wtsou6pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/MseO7vestFH8N1df65EU38zBzfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.242.0/24
45.141.255.0/24
193.38.224.0/24
IPv6:
2a09:c0c0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:c1:e2:32:66:75:60:26:d4:39:cc:34:d1:e6:d9:dd:a1:75:
52:1c:9a:ce:59:82:40:3e:03:0d:21:5a:47:4f:50:23:ee:5d:
06:27:de:06:d9:d9:88:cd:56:81:48:a7:4a:0b:08:01:02:fc:
87:5a:aa:47:ae:13:fc:1b:5a:b3:56:7b:b0:7e:6f:31:b1:31:
84:39:78:ff:50:88:2a:e4:5e:2a:e0:56:9a:f1:59:34:ba:16:
be:6e:df:97:46:c4:56:fe:af:de:40:84:4e:a7:99:b1:a7:cf:
91:de:e6:65:67:f0:a4:db:eb:cb:94:2a:7d:64:89:13:5b:41:
2e:68:6e:15:a2:6a:59:60:e3:15:2a:11:16:e5:42:d9:9a:05:
03:a4:7e:4f:97:4b:8d:1c:82:16:21:3d:3c:39:eb:e5:32:cf:
3f:db:55:f2:a3:06:9b:7d:7d:8e:71:41:ab:79:2e:66:1f:60:
0b:e2:be:55:5b:80:42:82:dd:45:df:f2:bf:17:e4:61:81:ac:
00:26:b9:12:c2:85:ac:fb:86:34:32:94:5e:1b:b1:f0:32:3e:
a7:82:be:c0:90:85:e4:a8:b7:85:20:ad:4c:a5:12:df:5d:f0:
89:92:7f:32:86:20:00:4e:79:0a:aa:0c:37:1d:d1:71:ab:fe:
7c:15:f2:12
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYUJBc4vhUZ6yfoAFfgaX26iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYzc4ZWVlZjdhY2I0NTFmYzM3NTc1ZmViOTExNGRmY2Nj
MWNkZmIwHhcNMjIxMjEzMDEwNzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzkwODdlN2E4ODliZTBkYmU3ZWJiZWZiMGJkOTZiNmNhMmVlYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArox56V4YdX3M6wDTJMNNbnK2kOu7
GW4QeSynkodLkKPk5EmbV1UhzK63xRhQ9inTy0vsusDAt3/GW2k09Thv6Dq5KegT
PJpoIk2rzIeirGnKo6BM9ZqxiPL7FGnqYw0xqwnpoY8aQX75Nu91Vlaz5kHeeiIT
HCpncqnSXlJHjRv/GPju1W0F6EpPhOfrUQwH2sLnh8dGWmt1WdKDmSJvdtUS+F+s
tteXp3Zz15t6MtfEdBV7N7tSZz4R+Gr5brgmA0LmxAWG5AsbRO6e8K76tsQvUP78
qiPqe9C2PBWTbyEm5DwZjug0jA6qsCEFK6OKpV2NFrsSmk087+407O5UxwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEOQh+eoib4Nvn6777C9lrbKLuqZMB8GA1UdIwQY
MBaAFDLHju73rLRR/DdXX+uRFN/Mwc37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYt
MmYxYzhlNDA4YjY0LzEvUTVDSDU2aUp2ZzItZnJ2dnNMMld0c291NnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYtMmYxYzhlNDA4YjY0
LzEvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALY3yAwQA
LY3/AwQAwSbgMA0EAgACMAcDBQMqCcDAMA0GCSqGSIb3DQEBCwUAA4IBAQAKweIy
ZnVgJtQ5zDTR5tndoXVSHJrOWYJAPgMNIVpHT1Aj7l0GJ94G2dmIzVaBSKdKCwgB
AvyHWqpHrhP8G1qzVnuwfm8xsTGEOXj/UIgq5F4q4Faa8Vk0uha+bt+XRsRW/q/e
QIROp5mxp8+R3uZlZ/Ck2+vLlCp9ZIkTW0EuaG4VompZYOMVKhEW5ULZmgUDpH5P
l0uNHIIWIT08OevlMs8/21XyowabfX2OcUGreS5mH2AL4r5VW4BCgt1F3/K/F+Rh
gawAJrkSwoWs+4Y0MpReG7HwMj6ngr7AkIXkqLeFIK1MpRLfXfCJkn8yhiAATnkK
qgw3HdFxq/58FfIS
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:05 2023 by rpki-client on console.sobornost.net